Latest CVE Feed
-
0.0
NACVE-2025-39826
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcount_t The 'use' field in struct rose_neigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a rose_neigh... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-39827
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in rose_neigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct rose_neigh tracks refe... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). syzbot reported the splat below. [0] When atmtcp_v_open() or atmtcp_v_close() is called via connect() or close(), atmtcp_... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Information Disclosure
-
0.0
NACVE-2025-39829
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftrace_suspend_notifier_call already registere... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
-
0.0
NACVE-2025-39831
In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of service_task and into open/close The fbnic driver was presenting with the following locking assert coming out of a PM resume: [ 42.208116][ T164] RT... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39832
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-39833
In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIG_DEBUG_OBJECTS_TIMERS unloading hfcpci module leads to the following splat: [ 250.215892] ODEBUG: assert_init n... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Misconfiguration
-
7.5
HIGHCVE-2025-37125
A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS). Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly... Read more
Affected Products :- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Authorization
-
0.0
NACVE-2022-50341
In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual addre... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50342
In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "mod... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53306
In the Linux kernel, the following vulnerability has been resolved: fsdax: force clear dirty mark if CoW XFS allows CoW on non-shared extents to combat fragmentation[1]. The old non-shared extent could be mwrited before, its dax entry is marked dirty. ... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53328
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attr_list ni_create_attr_list uses WARN_ON to catch error cases while generating attribute list, which only prints out stack trace and ma... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Misconfiguration
-
2.7
LOWCVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombst... Read more
Affected Products : javascript_sdk- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Misconfiguration
-
6.9
MEDIUMCVE-2025-59336
Luanox is a module host for Lua packages. Prior to 0.1.1, a file traversal vulnerability can cause potential denial of service by overwriting Phoenix runtime files. Package names like ../../package are not properly filtered and pass the validity check of ... Read more
Affected Products :- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Path Traversal
-
0.0
NACVE-2022-50344
In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53310
In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which gets sets in axp288_fuel_gauge_probe() like this: ... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-53313
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occur. Add check of input number.... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
-
0.0
NACVE-2023-53330
In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request() When linktype is unknown or kzalloc failed in cfctrl_linkup_request(), pkt is not released. Add release process to error path.... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53331
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a ("pstore/ram: Do not treat empty buffers as valid"), initialization would assume a prz was valid after seeing... Read more
Affected Products : linux_kernel- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption
-
8.4
HIGHCVE-2025-59050
Greenshot is an open source Windows screenshot utility. Greenshot 1.3.300 and earlier deserializes attacker-controlled data received in a WM_COPYDATA message using BinaryFormatter.Deserialize without prior validation or authentication, allowing a local pr... Read more
Affected Products : greenshot- Published: Sep. 16, 2025
- Modified: Sep. 17, 2025
- Vuln Type: Memory Corruption